From: "irqchip-bot for Marc Zyngier" <tip-bot2@linutronix.de>
To: linux-kernel@vger.kernel.org
Cc: Guenter Roeck <linux@roeck-us.net>, Marc Zyngier <maz@kernel.org>,
Thomas Bogendoerfer <tsbogend@alpha.franken.de>,
Serge Semin <fancer.lancer@gmail.com>,
tglx@linutronix.de
Subject: [irqchip: irq/irqchip-fixes] irqchip/mips: Fix RCU violation when using irqdomain lookup on interrupt entry
Date: Thu, 08 Jul 2021 08:00:43 -0000 [thread overview]
Message-ID: <162573124376.395.16834827905020820400.tip-bot2@tip-bot2> (raw)
In-Reply-To: <20210705172352.GA56304@roeck-us.net>
The following commit has been merged into the irq/irqchip-fixes branch of irqchip:
Commit-ID: f333d6bc4a8b2ef6c999e46c508d50277baddcd6
Gitweb: https://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms/f333d6bc4a8b2ef6c999e46c508d50277baddcd6
Author: Marc Zyngier <maz@kernel.org>
AuthorDate: Tue, 06 Jul 2021 11:38:59 +01:00
Committer: Marc Zyngier <maz@kernel.org>
CommitterDate: Tue, 06 Jul 2021 13:55:57 +01:00
irqchip/mips: Fix RCU violation when using irqdomain lookup on interrupt entry
Since d4a45c68dc81 ("irqdomain: Protect the linear revmap with RCU"),
any irqdomain lookup requires the RCU read lock to be held.
This assumes that the architecture code will be structured such as
irq_enter() will be called *before* the interrupt is looked up
in the irq domain. However, this isn't the case for MIPS, and a number
of drivers are structured to do it the other way around when handling
an interrupt in their root irqchip (secondary irqchips are OK by
construction).
This results in a RCU splat on a lockdep-enabled kernel when the kernel
takes an interrupt from idle, as reported by Guenter Roeck.
Note that this could have fired previously if any driver had used
tree-based irqdomain, which always had the RCU requirement.
To solve this, provide a MIPS-specific helper (do_domain_IRQ())
as the pendent of do_IRQ() that will do thing in the right order
(and maybe save some cycles in the process).
Ideally, MIPS would be moved over to using handle_domain_irq(),
but that's much more ambitious.
Reported-by: Guenter Roeck <linux@roeck-us.net>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: Serge Semin <fancer.lancer@gmail.com>
Link: https://lore.kernel.org/r/20210705172352.GA56304@roeck-us.net
Link: https://lore.kernel.org/r/20210706110647.3979002-1-maz@kernel.org
---
arch/mips/include/asm/irq.h | 3 +++
arch/mips/kernel/irq.c | 14 ++++++++++++++
drivers/irqchip/irq-mips-cpu.c | 10 ++++++----
drivers/irqchip/irq-mips-gic.c | 8 ++++----
drivers/irqchip/irq-pic32-evic.c | 5 ++---
5 files changed, 29 insertions(+), 11 deletions(-)
diff --git a/arch/mips/include/asm/irq.h b/arch/mips/include/asm/irq.h
index d1477ec..57561e0 100644
--- a/arch/mips/include/asm/irq.h
+++ b/arch/mips/include/asm/irq.h
@@ -57,6 +57,9 @@ asmlinkage void plat_irq_dispatch(void);
extern void do_IRQ(unsigned int irq);
+struct irq_domain;
+extern void do_domain_IRQ(struct irq_domain *domain, unsigned int irq);
+
extern void arch_init_irq(void);
extern void spurious_interrupt(void);
diff --git a/arch/mips/kernel/irq.c b/arch/mips/kernel/irq.c
index 85b6c60..c76005c 100644
--- a/arch/mips/kernel/irq.c
+++ b/arch/mips/kernel/irq.c
@@ -21,6 +21,7 @@
#include <linux/kallsyms.h>
#include <linux/kgdb.h>
#include <linux/ftrace.h>
+#include <linux/irqdomain.h>
#include <linux/atomic.h>
#include <linux/uaccess.h>
@@ -107,3 +108,16 @@ void __irq_entry do_IRQ(unsigned int irq)
irq_exit();
}
+void __irq_entry do_domain_IRQ(struct irq_domain *domain, unsigned int hwirq)
+{
+ struct irq_desc *desc;
+
+ irq_enter();
+ check_stack_overflow();
+
+ desc = irq_resolve_mapping(domain, hwirq);
+ if (likely(desc))
+ handle_irq_desc(desc);
+
+ irq_exit();
+}
diff --git a/drivers/irqchip/irq-mips-cpu.c b/drivers/irqchip/irq-mips-cpu.c
index 0bbb0b2..0c7ae71 100644
--- a/drivers/irqchip/irq-mips-cpu.c
+++ b/drivers/irqchip/irq-mips-cpu.c
@@ -127,7 +127,6 @@ static struct irq_chip mips_mt_cpu_irq_controller = {
asmlinkage void __weak plat_irq_dispatch(void)
{
unsigned long pending = read_c0_cause() & read_c0_status() & ST0_IM;
- unsigned int virq;
int irq;
if (!pending) {
@@ -137,12 +136,15 @@ asmlinkage void __weak plat_irq_dispatch(void)
pending >>= CAUSEB_IP;
while (pending) {
+ struct irq_domain *d;
+
irq = fls(pending) - 1;
if (IS_ENABLED(CONFIG_GENERIC_IRQ_IPI) && irq < 2)
- virq = irq_linear_revmap(ipi_domain, irq);
+ d = ipi_domain;
else
- virq = irq_linear_revmap(irq_domain, irq);
- do_IRQ(virq);
+ d = irq_domain;
+
+ do_domain_IRQ(d, irq);
pending &= ~BIT(irq);
}
}
diff --git a/drivers/irqchip/irq-mips-gic.c b/drivers/irqchip/irq-mips-gic.c
index b146e06..54c7092 100644
--- a/drivers/irqchip/irq-mips-gic.c
+++ b/drivers/irqchip/irq-mips-gic.c
@@ -169,8 +169,8 @@ static void gic_handle_shared_int(bool chained)
generic_handle_domain_irq(gic_irq_domain,
GIC_SHARED_TO_HWIRQ(intr));
else
- do_IRQ(irq_find_mapping(gic_irq_domain,
- GIC_SHARED_TO_HWIRQ(intr)));
+ do_domain_IRQ(gic_irq_domain,
+ GIC_SHARED_TO_HWIRQ(intr));
}
}
@@ -320,8 +320,8 @@ static void gic_handle_local_int(bool chained)
generic_handle_domain_irq(gic_irq_domain,
GIC_LOCAL_TO_HWIRQ(intr));
else
- do_IRQ(irq_find_mapping(gic_irq_domain,
- GIC_LOCAL_TO_HWIRQ(intr)));
+ do_domain_IRQ(gic_irq_domain,
+ GIC_LOCAL_TO_HWIRQ(intr));
}
}
diff --git a/drivers/irqchip/irq-pic32-evic.c b/drivers/irqchip/irq-pic32-evic.c
index 34c4b4f..1d9bb28 100644
--- a/drivers/irqchip/irq-pic32-evic.c
+++ b/drivers/irqchip/irq-pic32-evic.c
@@ -42,11 +42,10 @@ static void __iomem *evic_base;
asmlinkage void __weak plat_irq_dispatch(void)
{
- unsigned int irq, hwirq;
+ unsigned int hwirq;
hwirq = readl(evic_base + REG_INTSTAT) & 0xFF;
- irq = irq_linear_revmap(evic_irq_domain, hwirq);
- do_IRQ(irq);
+ do_domain_IRQ(evic_irq_domain, hwirq);
}
static struct evic_chip_data *irqd_to_priv(struct irq_data *data)
next prev parent reply other threads:[~2021-07-08 8:00 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-11 13:54 [irqchip: irq/irqchip-next] irqdomain: Protect the linear revmap with RCU irqchip-bot for Marc Zyngier
2021-07-05 17:23 ` Guenter Roeck
2021-07-05 18:01 ` Marc Zyngier
2021-07-05 18:23 ` Guenter Roeck
2021-07-05 18:43 ` Marc Zyngier
2021-07-05 20:36 ` Guenter Roeck
2021-07-06 9:24 ` Marc Zyngier
2021-07-06 14:23 ` Guenter Roeck
2021-07-08 8:00 ` irqchip-bot for Marc Zyngier [this message]
2021-07-09 9:23 ` [irqchip: irq/irqchip-fixes] irqchip/mips: Fix RCU violation when using irqdomain lookup on interrupt entry irqchip-bot for Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=162573124376.395.16834827905020820400.tip-bot2@tip-bot2 \
--to=tip-bot2@linutronix.de \
--cc=fancer.lancer@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@roeck-us.net \
--cc=maz@kernel.org \
--cc=tglx@linutronix.de \
--cc=tsbogend@alpha.franken.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).